Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

TLauncher.exe

windows7-x64

1

TLauncher.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    92s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20230621-es
  • resource tags

    arch:x64arch:x86image:win7-20230621-eslocale:es-esos:windows7-x64systemwindows
  • submitted
    28/06/2023, 01:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    TLauncher.exe

  • Size

    6.3MB

  • MD5

    a09d58d5281883d9b555cb8f99974f57

  • SHA1

    f900108770e0ee69a88df27bfeb3aa13322385b0

  • SHA256

    dd5891adfd1f98f945cd02c02a231a41c8224ccc350050b65e2b987e075920aa

  • SHA512

    0f9fc01df7bd6fcf25893ef1a31d0105e19a853d81d475312c1ad4d3f17b77ad6cba659c4b78bda8040279c91947d9277987447a3795b7acb393a5eb95ae8f3c

  • SSDEEP

    196608:kF52l8bIboBT5eN0Ca/TuQnxByJRHcj3pqxsY:hRNNG/TuoyJRui

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 11 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\TLauncher.exe
    "C:\Users\Admin\AppData\Local\Temp\TLauncher.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1424
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://java-for-minecraft.com/
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1264
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1264 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:1736

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    382d64aaab63b97d95540a48133177b9

    SHA1

    27299729ce298abb420753afa8fde2dec361e3dc

    SHA256

    6532d23c5ae5ae76290d9f2eb25e5b350ae4112e7f7022f069807d310c45d335

    SHA512

    a47d906c6e2142b0001284fff1ef2a38cb96fb24377f06d68777ffb768363365ce7feb929748f7a31a7cdc3a4ee9b9c9f1d76a08bc9bf40f1fb8ac61a4494223

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    da406c297d82cfb186a0ed235fbf28f6

    SHA1

    8092e10a3ac0bc947efc24e4acb2e3498825b428

    SHA256

    1cff0fe7c0c741f9ec49e9e0d771ca39826ed92b6555ed7cd58b21d9e321de60

    SHA512

    eba2493f1083691d054ea98a48f406a1f470dfba0592abf0d7038ed9ef3d6959843edb115b31d9d9a9971613eebd7f81c5c9249302487443c79fbb03667e8ce3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1c7a591539acbd91848b56dde538cd57

    SHA1

    3eb6a9c24ac1b6c1509daf41c632f02f06b5cef5

    SHA256

    2b0f7d28e8ef72a394a73b8cfeb96b43f8dc5ea1c0b8415fb6547cf1132fa79e

    SHA512

    ff7bd83bd9be24b4129209745c9e003c581ff6b645c067087a4569e351003c0cffeffcbe0bf90fd9c1987bfb340167f733362ac5ee9d90680729e847116e998f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    03e4e1dde8460f1272f6dc6c36638a37

    SHA1

    8c4dff6b5705f620467e08a4ade9c6d59f9a7df2

    SHA256

    ea1c8a63afc5d1631c12e3edb1cdce3445204db97f177a3ca11b9bf9369e07eb

    SHA512

    a3acd86a7124fa023b56d76beadba3559b328cbf9e713a351165b3605f2589b2345f94458fd5e7f3243e342604aeeca7ddff381388e49c4654d1ed977677438e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3a69879059720bfb8362db31c48be1ab

    SHA1

    7bde2589b132c713236ca7f36edfc3eca8bd260c

    SHA256

    24a2907c980f342135589b930777098789b4884fedea064983baad5f33beabfe

    SHA512

    7a54add6822ae2d1bf4583bf6a326dc339fdc039be26adbc99807c5ec1b3792e42dac47b8285ce97ab8dd41dbd2d2ce37932750fd9755da711cd941f9666ec1a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ee75e9265f9592cac4a3b2156c700214

    SHA1

    f312ccdeb594841fd08fa21549f71594b09f42bd

    SHA256

    7230ada041db5a7850dbe8d1a7c3467e3f874437f6327887ef8988a2295b573f

    SHA512

    abbf5974438388ae0e7d5de107141e82c624e0ae975dff099b3a8e2537c000946d3759312b3d2481bb1d647de03e143fac8fa16b00727f954d0ac6e6db59739c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    aeaa3977d57753cb55b039f2aeaa546a

    SHA1

    fdb9674c48c92d6e4aa5222e894fba96dd3bc7bb

    SHA256

    e700e0db588221728186767b36e39d5724f27eab14534175aa25f6767f56a03d

    SHA512

    c4ae4daa6ca722eb06ce87cc39b234d156c412c325de3743e11b52255a2001824c5bec57ae24558df89abc9f52ab6be9c2c0b4839471e18314a2ac7ba4da3813

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fa6ab161b22848ba0a3795d6b437295f

    SHA1

    4a35d595909845fa03eae36c6ab1bf6d06f47715

    SHA256

    4b57201a066e1af37c6a60040f0012ba47fe399beda3723676f3d35b7fb06e7f

    SHA512

    d167b28d2045e3e2e8afb830e4ebe0b7d0c789be6f0aafa27796a13c47721ba78a470af8b5a22cce78360c25f1c2834e1a0312e31e3937a10134eedc7ee224af

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7e08ad5b928824de888ab1a63cc0859f

    SHA1

    f4c622f019bd5169129f2aa0705077ac21ddaf98

    SHA256

    9e0af78f4b47dce6ce413e4ecd2f0c802fef85a2ac1938c512ff22a1b0bafa1d

    SHA512

    e8b5e736478f7aa1c8e562e83138f526c4ee3eb8ef7d7e7f17952ef8eda78cd4f20257a1fe5c48939230ebd576dc303551048c82ab2c1df57c6e9e95eb009592

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    be90b53c0be0bacceffde017b2611746

    SHA1

    c835d91cf9a28e5b2898d7ddddee04009f135b62

    SHA256

    49ba33503e39ae3083fd4bb6cd38a6dfb29eb1f30025a8b6f4755c2dff9eabfd

    SHA512

    db510eac153a13e1efc9fdc0c71cc965f3cbf92798eef21baecf1b87f1456f75719c1d9b1e512da9a8ce9e0962d1c309c7ade98e02720f9adcd63d308728b772

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\134K02XQ\suggestions[1].es-ES
    Filesize

    18KB

    MD5

    e2749896090665aeb9b29bce1a591a75

    SHA1

    59e05283e04c6c0252d2b75d5141ba62d73e9df9

    SHA256

    d428ea8ca335c7cccf1e1564554d81b52fb5a1f20617aa99136cacf73354e0b7

    SHA512

    c750e9ccb30c45e2c4844df384ee9b02b81aa4c8e576197c0811910a63376a7d60e68f964dad858ff0e46a8fd0952ddaf19c8f79f3fd05cefd7dbf2c043d52c5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabCBF9.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarCBFB.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\QYHC5YJ2.txt
    Filesize

    605B

    MD5

    f3dfdc6ca00f5386c57cad5e1fb7267b

    SHA1

    3ce3157c92c0842d0082ad0ae9ac48eb69e27e3d

    SHA256

    336fef29b3b4b97a23cbc20bf0ae51588a891300f0ef04b37918998811f609d1

    SHA512

    0837dd3d370baabdec851c7be34c9cc4b6ab187c6aa388e50d5e41be6661bc5a16f2829099c4e137529c649268d869c284379d3471b23bdf934178fbe3eac133

    Download Submit

  • memory/1424-54-0x0000000000400000-0x0000000000417000-memory.dmp

    Filesize

    92KB

    Download